Microsoft Shuts Down One More Botnet - Kelihos

Microsoft says it has brought a botnet called Kelihos to a halt and has charged Dominique Alexander Piatti, a man from Czechoslovakia, with running the botnet and using it to send junk e-mails or steal data. Cnet.com published this on 27th September 2011.

Nicknamed 'Waledac 2.0' after Waledac, an earlier botnet that Microsoft blocked during 2010, Kelihos consists of approximately 41,000 infected PCs worldwide that have been sending 3.8bn spam e-mails daily, says Microsoft.

The company, which has filed a complaint in the U.S. District Court for the Eastern District of Virginia, has charged Piatti, John Does 1-22, and Dotfree Group SRO with infecting people's PCs with malware to build Kelihos and then using it to send spam advertising uncontrolled pharmaceuticals along with other spam, harvest passwords and e-mails, carry out fake stock scams, and occasionally promote sex-oriented websites related to child exploitation.

Moreover, Microsoft's researchers revealed that Piatti, John Does 1-22, and Dotfree Group SRO not only operated the Kelihos botnet, but that their cz.cc domain had previously been connected to sub-domains that aided in distributing the MacDefender scareware, which infects Apple's operating system (OS).

Furthermore, during May 2011, Google had found that the domain name cz.cc was hosting malicious software; consequently, it temporarily removed the sub-domains hosted under cz.cc from its search results, though Google restored those sub-domains after the alleged defendants remedied the problem.

Richard Domingues Boscovich, Senior Attorney for Microsoft's Digital Crimes Unit, stated that analysis of Kelihos revealed that it shared large sections of its code with Waledac, indicating either that Kelihos belonged to the same crime group as Waledac or that the criminals acquired the code, updated it, and then used it again. He explained that as soon as the Unit learnt of the apparent connection between Waledac and Kelihos, the researchers started devising a plan for shutting down Kelihos with the same technical measures, adding that Kelihos' shutdown represented a vital part of Microsoft's efforts to combat botnets. Pcmag.com published this on September 27, 2011.

Meanwhile, Kelihos is the third in a series of botnets that Microsoft has successfully shut down, after Waledac and Rustock.